The Security Repo
The Security Repo
Mackenzie Jackson & Dwayne McDaniel
The security repo is a podcast that focuses on real world security issues we are all facing today. We will take deep dives into news events and have exclusive interviews with security leaders on the ground.
The Evolution of Offensive Security with Erik Cabetas
In this episode, we delve into the mind of Erik Cabetas, a renowned figure in offensive security and Defcon CTF winner. Erik shares his unique journey from hacking to offensive security, detailing the critical turning points that shaped his career. Together with Mackenzie and Dwayne, Eric discusses the evolution of security practices, the importance of ethical hacking in today's digital world, and offers some advice for aspiring hackers. Join us to explore the fascinating intersection of technology, ethics, and security through Erik's expert lens.
Feb 24, 2024
41 min
From Bank Heists to Security Insights: The Jayson E. Street Story
In this episode of The Security Repo, Jayson E. Street delves into his unconventional journey into cybersecurity, emphasizing the essence of hacking as a manifestation of curiosity rather than mere technical skill. He shares anecdotes from his extensive experience in ethical hacking, including bank heists and corporate security breaches, to underscore the importance of creative problem-solving in security. Street also critiques the narrow perceptions of hacking, advocates for diversity in the security field, and offers unconventional advice for enhancing corporate security awareness. His stories, ranging from audacious exploits to thoughtful reflections on personal and professional growth, provide a compelling narrative on the importance of thinking outside the box in cybersecurity. More links on Jayson Hacker Answers Penetration Test Questions From Twitter  https://www.youtube.com/watch?v=6i-84wqc_qU Penetration tester Jayson E. Street helps banks by hacking them https://www.youtube.com/watch?v=02Vf3NjTPsI Social Links X - https://twitter.com/jaysonstreet Linkedin - https://www.linkedin.com/in/jstreet/
Feb 16, 2024
55 min
Reducing the noise: Cutting through the data in security Buck Bundhund
In this episode of "The Security Repo," hosts Dwayne McDaniel and Mackenzie Jackson delve into the intricate world of cybersecurity with Buck Bundhund, an expert from Centripetal Networks. The conversation kicks off with an exploration of the pervasive issue of data noise – the influx of non-intended data into organizational networks, posing significant challenges for security operations. Buck sheds light on the complexities of distinguishing between legitimate and illegitimate traffic and the detrimental effects of alert fatigue within security teams. Through real-world examples and insights, the discussion unfolds to reveal the limitations of traditional security tools in handling the massive volume and dynamic nature of data noise. Listeners gain valuable insights into innovative strategies employed by Centripetal Networks, leveraging comprehensive threat intelligence and AI to filter out illegitimate traffic effectively. Buck underscores the importance of not only technological advancements but also human intuition and analysis in identifying and mitigating security threats. Join "The Security Repo" team as they navigate the ever-evolving landscape of cybersecurity, offering practical perspectives and solutions to combat data noise and enhance security posture in today's digital age. Links: Buck on Linkedin https://www.linkedin.com/in/buck-bundhund-8496862/ Centripetal Networks https://www.centripetal.ai/
Feb 8, 2024
40 min
Solving the bottom turtle: Fixing the authentication problem with Ethan Heilman
In security you have likely heard the expression turtles all the way down, the concept the world is held up on the back of a turtle who is standing on the back other another turtle, and so on.. This can be used to describe the current state of security, where everything can dramatically fall over if the bottom turtle fails. In this episode, we discuss solving the bottom turtle, solving authentication. Our guest Ethan Heilman has a PhD in Computer Science and the current CTO of BastionZero where he is currently working on Open PubKey, a protocol for leveraging OpenID Providers (OPs) to bind identities to public keys. Links: OpenPubkey - https://github.com/openpubkey/openpubkey BastionZero - https://www.bastionzero.com/ Social Connections for Ethan Masterdon - [email protected] X - @Ethan_Heilman
Jan 31, 2024
34 min
The right tool for the job: Finding and evaluating security tools with James Berthoty
In this episode, James Berthoty shares insights into his project, Latio Tech, which provides a comprehensive list of cloud security tools and resources. James highlights the challenges of vendor assessments and the importance of bridging knowledge gaps in cloud security. He also shares trends in the security tooling industry and offers advice for smaller teams or organizations with limited budgets seeking effective security solutions. This episode is perfect for anyone looking into purchasing new security tools or wanting to understand the purchasing process. Show Links: Latio Tech - https://www.latio.tech/ James Linkedin - https://www.linkedin.com/in/james-berthoty/
Jan 24, 2024
41 min
Securing our APIs - Thinking differently about API Security with Isabelle Mauny
In this episode, Mackenzie and Dwayne dive into a discussion on API security with special guest Isabelle Mauny, co-founder and CTO of 42Crunch. We walk through the differences API security has compared with traditional application security, and its growing importance in today's technology landscape. We also have a discussion about the challenges and risks associated with API security, the need for developers to be actively involved in securing APIs, and the tools and practices that can help integrate security into the development workflow. Show Links 42Crunch website - https://42crunch.com/ 42 Crunch Blog - https://42crunch.com/blog/ Isabelle Mauny Linkedin - https://www.linkedin.com/in/isamauny/ Quote's from the episode "It's shift left not shove left" - Isabelle Mauny "The minute you put something on the Internet, it is public." - Isabelle Mauny "Shift left is not about saying to the developers, 'You're responsible for one more thing, which is security.' It's about giving them the tools that fit into their workflow." - Isabelle Mauny
Jan 17, 2024
43 min
Revolutionizing SAST: Bridging the Gap for Modern Developers with Nipun Gupta
In this episode of The Security Repo, Mackenzie Jackson sits down with Nipun Gupta, the Chief Operating Officer of Bearer, a leading security company at the forefront of innovation in the cybersecurity landscape. Join us as we delve deep into the world of Static Application Security Testing (SAST) and explore why traditional SAST tools are struggling to keep pace with the demands of modern development environments. In today's fast-paced software development ecosystem, developers are continuously seeking ways to improve code quality, enhance security, and accelerate their workflows. However, traditional SAST tools often fall short, failing to meet the specific needs of developers. Nipun Gupta sheds light on these challenges and discusses how Bearer is breaking new ground by redefining SAST for the modern era. Discover the fascinating insights and solutions that Bearer brings to the table, making SAST more accessible and effective for developers. Learn how their innovative approach is not only improving code security but also enabling AI-generated code to be more secure and trustworthy. Uncover the synergy between SAST and AI in this thought-provoking episode and gain valuable insights that can help your organization stay ahead in the ever-evolving cybersecurity landscape. Tune in to "Revolutionizing SAST: Bridging the Gap for Modern Developers with Nipun Gupta" to stay informed and inspired in the realm of cybersecurity and software development. Follow Nipun on Linkedin - https://www.linkedin.com/in/guptanipun/ Learn more about Bearer today at - https://www.bearer.com/
Jan 10, 2024
28 min
API Security Unveiled: Safeguarding the Heart of Modern Applications
In this episode of "The Security Repo," your hosts Mackenzie Jackson and Dwayne McDaniel are joined by a distinguished guest, Dan Barahona, as they embark on an eye-opening exploration of API security. As the digital landscape evolves at breakneck speed, APIs (Application Programming Interfaces) have become the backbone of modern applications, making them an attractive target for cyber threats. Join the conversation as Mackenzie, Dwayne, and Dan delve into the fundamentals of API security and why it has emerged as an integral aspect of both application security and the broader realm of cybersecurity. Discover the ins and outs of protecting these crucial gateways, learn about the common vulnerabilities that threat actors exploit, and gain insights into best practices and cutting-edge strategies for fortifying your digital fortress. Whether you're a developer, a security professional, or simply curious about the ever-evolving world of cybersecurity, this episode promises to provide you with invaluable knowledge on API security and equip you with the tools to safeguard your digital assets. Tune in to "The Security Repo" for an illuminating discussion that could mean the difference between vulnerability and resilience in our interconnected digital world. AppSec University: https://www.apisecuniversity.com/ Dan Barahona Linkedin: https://www.linkedin.com/in/rdbarahona/
Dec 20, 2023
30 min
Guarding Against Deception: The Art of Detecting and Defending Against Social Engineering
In this episode of The Security Repo, your hosts Mackenzie Jackson and Dwyane McDaniel are joined by the brilliant Reanna Schultz, a seasoned expert in the field of cybersecurity. Together, they delve deep into the world of social engineering, exploring what it is, how to detect it, and crucially, how to arm your staff against its deceptive tactics. Social engineering is a crafty, manipulative art used by cybercriminals to exploit human psychology. Our trio dissects the various techniques employed by malicious actors, shedding light on the ever-evolving landscape of digital deception. Learn how to recognize the red flags and protect your organization from falling victim to these cunning ploys. But that's not all; in this episode, we also peer into the fascinating intersection of artificial intelligence and cybersecurity. Discover how AI is shaping the cyber landscape and making it harder to detect social engineering activities. Join us for an enlightening conversation that's essential for anyone navigating the complex world of cybersecurity. Tune in to "Unmasking the Shadows: Social Engineering, AI, and Cybersecurity" and fortify your defenses against the lurking dangers of the digital realm. Show Links: Follow Renna on Linkedin - https://www.linkedin.com/in/reanna-schultz/ GitHub Phising Simulation - https://github.com/reannaschultz/PhishingSimulation/wiki
Dec 15, 2023
32 min
Contextual Security: Revolutionizing Developer-Focused Cybersecurity with James Wickett
In this eye-opening episode of The Security Repo, we welcome James Wickett, the CEO and co-founder of DryRun Security, a visionary in the realm of cybersecurity. James unveils a groundbreaking concept known as "Contextual Security," a game-changer that empowers developers with unprecedented security insights while they write code. As our hosts and cybersecurity enthusiasts Mackenzie and Dwaybne guide the conversation, James delves into the heart of Contextual Security, offering listeners an inside look at how this innovative approach is transforming the way developers view and implement cybersecurity in their projects. Discover how Contextual Security is redefining the role of developers in the fight against cyber threats. James also takes us on a journey through the realm of artificial intelligence, sharing his insights on its pivotal role in the future of cybersecurity. As he paints a vivid picture of the evolving threat landscape, you'll gain valuable perspective on why traditional security measures are falling short, particularly for developers. Don't miss this engaging and thought-provoking episode as we explore the forefront of cybersecurity with James Wickett, a trailblazer whose mission is to equip developers with the tools and knowledge they need to fortify their code against today's evolving threats. Tune in to "The Security Repo" and be prepared to redefine your understanding of cybersecurity in the digital age. Show Links: https://www.dryrun.security/ James personal webiate https://wickett.me Linkedin: https://www.linkedin.com/in/wickett/
Dec 8, 2023
33 min
Load more